WIRED Threat Level

MAY 14, 2019

All it took to compromise a smartphone was a single phone call over WhatsApp. The user didn't even have to pick up the phone.

IT 107

IT Security 107

Data Breach Today

MAY 16, 2019

$63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018. Privacy regulators have also imposed at least $63 million in GDPR fines.

Data breaches 267

Data breaches GDPR Privacy 267

Information Management Resources

MAY 17, 2019

Such frameworks ensure that AI continues to lead to the best decisions, without unintended consequences or misuse of data and analytics.

Artificial Intelligence 53

Artificial Intelligence Analytics 53

Krebs on Security

MAY 14, 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The May 2017 global malware epidemic WannaCry affected some 200,000 Windows systems in 150 countries.

Ransomware 271

Ransomware Authentication Security IT 271

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

MAY 15, 2019

In the early days of the Internet, there was a period when Internet Protocol version 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out the prized digits. With the value of a single IP hovering between $15-$25, those registries are now fighting a wave of shady brokers who specialize in securing new IP address blocks under false preten

IT 199

IT Marketing Security 199

The Last Watchdog

MAY 14, 2019

One of the catch phrases I overheard at RSA 2019 that jumped out at me was this: “The internet is the new corporate network.” Related: ‘Machine identities’ now readily available in the Dark Net Think about how far we’ve come since 1999, when the Y2K scare alarmed many, until today, with hybrid cloud networks the norm. There’s no question the benefits of accelerating digital transformation are astounding.

Authentication 178

Authentication Digital transformation Cloud Risk 178

AIIM

MAY 17, 2019

Sometimes a little too much of a good thing can be a bad thing. An overabundance of motivation can lead to stress, fatigue, and burnout. According to the Harvard Business Review, the majority of managers now spend over 85% of their work time checking emails, checking up on meetings, connecting with people over the phone, and checking their phones for important, work-related updates.

Communications 154

Communications Risk IT 154

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. The locations of alleged GozNym cybercrime group members.

Computer and Electronics 204

Computer and Electronics Phishing Cloud Access 204

Data Breach Today

MAY 13, 2019

Massive 2017 Breach Continues to Bite the Credit Reporting Giant's Bottom Line Equifax has reported a loss in its latest quarter due to ongoing incident response, legal, investigative and corporate information security overhaul costs resulting from its 2017 data breach. The credit reporting giant says that so far, it's spent $1.4 billion as a result of the massive breach.

Data breaches 261

Data breaches Information Security Security IT 261

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

MAY 14, 2019

Two different groups of researchers found another speculative execution attack that can steal all the data a CPU touches.

Security 111

Security 111

AIIM

MAY 15, 2019

I am very pleased to announce that the Certified Information Professional (CIP) exam has been approved for reimbursement under the Veterans Education Benefit program for Licensing and Certification reimbursements administered by the U.S. Department of Veterans Affairs - aka the GI Bill. This is something that is intensely personal to me. When I got out of the Marine Corps, I wasn't sure what I wanted to do, but I knew that I had the GI Bill to help fund my education and professional development.

Education 129

Education Military IT Security 129

Security Affairs

MAY 14, 2019

Millions of computers powered by Intel processors are affected by a new class of vulnerabilities ( MDS ) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could be exploited with new side-channel attack methods dubbed Fallout, RIDL (Rogue In-Flight Data Load), and ZombieLoad. “On May 14, 2019, Intel and other industry partners shared details and information ab

Paper 111

Paper Encryption Passwords Security 111

Data Breach Today

MAY 15, 2019

CPUs Shipped From 2011 Onward Have Flaws of the Meltdown and Spectre Variety Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.

Cloud 260

Cloud 260

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

WIRED Threat Level

MAY 13, 2019

Researchers have discovered a way to break one of Cisco's most critical security features, which puts countless networks at potential risk.

Risk 112

Risk Security 112

Dark Reading

MAY 14, 2019

Tweet suggests possible screenshot of stolen city documents and credentials in the wake of attack that took down city servers last week.

Ransomware 110

Ransomware 110

Security Affairs

MAY 17, 2019

The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel. According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems of the Company.

Security 111

Security Cybersecurity Access IT 111

Data Breach Today

MAY 14, 2019

Immediate App Updating Required to Protect Apple and Android Device Users Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group. WhatsApp says a "select number" of targets were hit by the attacks, which it has blamed on "an advanced cyber actor.

IT 257

IT 257

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Schneier on Security

MAY 17, 2019

In March, Adi Shamir -- that's the "S" in RSA -- was denied a US visa to attend the RSA Conference. He's Israeli. This month, British citizen Ross Anderson couldn't attend an awards ceremony in DC because of visa issues. (You can listen to his recorded acceptance speech.) I've heard of at least one other prominent cryptographer who is in the same boat.

109

109

WIRED Threat Level

MAY 15, 2019

A very bad vulnerability in Windows XP could have serious ramifications, even with a patch.

Security 106

Security 106

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. WhatsApp did not name the threat actor exploiting the CVE-2019-3568, it described the attackers as an “advanced cyber actor” that targeted “a select number

Government 111

Government Security IT Information Security 111

Data Breach Today

MAY 16, 2019

6 Suspects Arrested on Money Laundering, Malware-Writing or Fraud Charges Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym. Six suspects have been arrested in four countries and face local prosecution on fraud, money laundering or malware-writing charges. Five Russian suspects remain at large.

242

242

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Schneier on Security

MAY 13, 2019

Human Rights Watch has reverse engineered an app used by the Chinese police to conduct mass surveillance on Turkic Muslims in Xinjiang. The details are fascinating, and chilling. Boing Boing post.

Privacy 107

Privacy 107

Thales Cloud Protection & Licensing

MAY 16, 2019

We are seeing more organizations use a ‘lift and shift’ policy, where data is moved to the cloud to satisfy project requirements. But safe migration to the cloud requires that the process be secure, compliant and easy to implement. The 1,200 data security professionals worldwide who were surveyed for the 2019 Thales Data Threat Report-Global Edition tell us that protecting sensitive data in the cloud is becoming increasingly complex.

Cloud 105

Cloud Compliance Security Digital transformation 105

Security Affairs

MAY 12, 2019

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the device’s password in plain text. Just analyzing the eyeDisk USB stick with the Wireshark packet analyzer.

Passwords 111

Passwords Authentication Encryption IT 111

Data Breach Today

MAY 13, 2019

Business Email Compromise Schemes Get More Sophisticated A growing area of concern for security researchers is a new crop of business email compromise schemes originating from Nigeria, with scammers upping their game by using new malware. The biggest of the crime gangs is SilverTerrier, according to Palo Alto Network's Unit 42.

Security 231

Security 231

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

WIRED Threat Level

MAY 16, 2019

Opinion: As online extremism migrates to real-world violence, some suggest letting law enforcement intercept encrypted messages. But that’s a dangerous proposition.

Access 103

Access Encryption Privacy Security 103

Schneier on Security

MAY 16, 2019

Last month, Kaspersky discovered that Asus's live update system was infected with malware , an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers. Studying this case, our experts found other samples that used similar algorithms.

Healthcare 102

Healthcare Access Security IT 102

Security Affairs

MAY 11, 2019

Researchers at Cisco Talos discovered an use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device. Cisco Talos experts discovered an use-after-free() flaw in SQLite that could be exploited by an attacker to remotely execute code on an affected device. An attacker can trigger the flaw by sending a malicious SQL command to the vulnerable installs. “An exploitable use after free vulnerability exists in the window function

Libraries 111

Libraries Security IT 111